Pcadvisor Review

1st Febraury 2010

The iStorage diskG* is a USB hard drive with capacity up to 500GB, featuring secure AES-256 encryption, and unlocked by a number keypad

Review by Andrew Harrison

Locking down personal or business data is easier than ever these days, as more USB drives adopt encryption to keep prying eyes out. And if you don’t want to mess around with typing passwords into your computer whenever you dock the drive, how about a hard drive sporting a telephone number keypad?

The iStorage diskG* is about the size of a pocket diary, and coated in a modern non-slip rubbery finish. Inky black and non-slip to the touch, it nevertheless does seem to collect fingerprints and dust rather too well. Fortunately iStorage also includes a soft wetsuit-material carry pouch to help keep it clean and cushioned in transit.

Inside the iStorage diskG* is a 2.5in SATA hard disk, of either 250GB, 320GB or 500GB capacity. Standing between you and data on that drive is an encryption chip and the number combination lock.

If the iStorage diskG* looks at all familiar, it’s because it’s essentially the same as the Lenovo ThinkPad Secure Storage device. The difference is the higher capacities available through iStorage (Lenovo is 160GB or 320GB only), and the tougher encryption found here, where the Lenovo version is ‘limited’ to AES-128. Prices of the two brands’ 320GB product is comparable.

Another difference is the use of slightly larger, oval-shaped keys on the iStorage diskG* that are easier to press. These feature alphabetical characters too, enabling you to handily invent numerical passcodes based on passwords.

Like USB flash drives we’ve seen recently from the likes of IronKey, Kingston and SanDisk, the iStorage diskG* uses hardware encryption, to the very secure AES-256 level. The US government has approved AES-256 encryption for use of classified documents up to ‘Top Secret’ level.

Unless a back door is found into this unit – as happened with some of Kingston’s range of encrypted USB flash drives recently – this is about as secure as it gets. Data into and out of the drive is encrypted on-the-fly, and only the correct PIN code will first open the drive for business.

To use the iStorage diskG*, you first unclip a short tethered lead from its side and plug into a computer’s USB port – any platform, any operating system – to power it up.

In use we often found the 10cm cable on the iStorage diskG* to be a little short for easy use – for example, if you have your laptop on a stand more than three inches off the desk. There is an extension cable included, though, and with its double-USB male plugs on the PC end, this will be essential if your computer’s USB ports are below the power spec. There’s no additional DC power-in socket.

Once powered up, a LED under the 0 key lights up red. The first time you use it, you’ll need to enter the default admin passcode of 123456.

You should then create your own admin passcode of between six and 16 digits. This done, it’s possible to create up to ten ‘User’ passcodes. The difference between them? If someone forgets their User passcode, it can be reset by entering into an Admin Mode, using the unit’s Admin passcode; although you will lose all other User passcodes.

If you forget the Admin passcode, it is possible to totally reset the unit and reuse it; but this time you’ll lose all the data on the drive, and put it back to a factory default condition.

To guard against brute-force attacks – that is, by a patient hacker trying every one of 10 quadrillion possible number combinations – the iStorage diskG* only accepts 50 wrong attempts before locking down. At this point, no-one can get in until you enter a special seven-digit code provided in the instruction manual.

If 50 more unsuccessful attempts are then made, the drive locks completely. The only way to unlock it after this is to reset it, as if you’d lost the Admin passcode – with the same permanent lose of all data onboard.

Having two layers of control of the iStorage diskG* does add complexity, but may be very useful in business environments.

An IT department, for example, can set an Admin passcode, and give the drive with a User passcode to an employee. As the employee cannot change his own passcode, let alone the Admin passcode, there’s no chance of the company being locked out of its own device in the event the employee leaves and hands back a drive that has had its passcodes reset.

The flipside of this arrangement is potentially weaker overall security, as up to 11 different passcodes may be in circulation, any of which could unlock the device. For a single home user, a single Admin passcode alone should be sufficient for easy and secure use.

In our performance tests, the iStorage diskG* recorded an average read speed up to 29MB/s, and write speeds up to 12MB/s. While these speeds are not especially quick, they are equivalent to non-encrypted USB hard drives, suggesting that the real-time encryption and decryption processes does not slow the transfer of data too much.

Specifications

Verdict

This number-locked USB drive promises incredibly secure lockdown of sensitive data. Being agnostic to computer type, and not requiring any software to be installed on a host computer, is a major bonus. Two-tier admin/user access ensures that the drive’s data should always remain accessible by its owner even if a second user forgets their code or tries to reset the code. Compared to the same capacity in unencrypted storage, this is an expensive USB drive. But it’s one that should earn its keep for those who need this level of security assurance. And given its better 256-bit security and improved keypad, we’d recommended the iStorage diskG* over the Lenovo version.